Tools

"... An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. Although many previous ad hoc network routing protocols have been based in part on distance vec ..."

by
Niels Provos
- In Proceedings of the 12th Usenix Security Symposium, 2002

"... We introduce a system that eliminates the need to run programs in privileged process contexts. Using our system, programs run unprivileged but may execute certain operations with elevated privileges as determined by a configurable policy eliminating the need for suid or sgid binaries. We present the ..."

training session or generate them interactively during program execution. The policies describe the desired behavior of services or user applications on a system call level and are enforced to prevent operations that are not explicitly permitted. We show that Systrace is efficient and does not impose

"... We introduce program shepherding, a method for monitoring control flow transfers during program execution to enforce a security policy. Program shepherding provides three techniques as building blocks for security policies. First, shepherding can restrict execution privileges on the basis of code or ..."

We introduce program shepherding, a method for monitoring control flow transfers during program execution to enforceasecuritypolicy. Program shepherding provides three techniques as building blocks for securitypolicies. First, shepherding can restrict execution privileges on the basis of code

"... A system for enforcing messaging security policies for both store and forward and streaming messaging protocols on COTS operating system platforms is described. Messaging protocols are subjected to interception, transformation, and filtering based on dynamically configurable security policies. Trans ..."

A system for enforcing messaging securitypolicies for both store and forward and streaming messaging protocols on COTS operating system platforms is described. Messaging protocols are subjected to interception, transformation, and filtering based on dynamically configurable securitypolicies

"... Abstract- The proliferation of mobile handheld devices, such as Personal Digital Assistants (PDAs) and tablet computers, within the workplace is expanding rapidly. While providing productivity benefits, the ability of these devices to store and transmit corporate information through both wired and w ..."

and wireless networks poses potential risks to an organization’s security. This paper describes an approach to assigning and enforcing an organization’s securitypolicy on handheld devices. The approach relies on the device holding a valid policy certificate, obtained through synchronization with a user’s

"... In a distributed multi-user environment, the security policy must not only specify legitimate user privileges but also aid in the detection of the abuse of the privileges and adapt to perceived system threat conditions. This paper advocates extending authorization policy evaluation mechanisms with a ..."

. Such advanced policies assist in detecting and responding to intrusion and misuse and they allow more efficient utilization of securityservices, such as authentication, audit, and notification. We present an authorization framework, which enables the representation and enforcement of advanced securitypolicies

"... Abstract—The enforcement of security policies in outsourced environments is still an open challenge for policy-based systems. On the one hand, taking the appropriate security decision requires access to the policies. However, if such access is allowed in an untrusted environment then confidential in ..."

Abstract—The enforcement of securitypolicies in outsourced environments is still an open challenge for policy-based systems. On the one hand, taking the appropriate security decision requires access to the policies. However, if such access is allowed in an untrusted environment then confidential

on the past, present and future status of the moving objects. Moreover, these services raise a number of security and privacy challenges. To address this, securitypolicies are specified to ensure controlled access to the mobile user’s location and movement trajectories, their profile information

"... In this paper we describe a policy language designed for pervasive computing applications that is based on deontic concepts and grounded in a semantic language. The pervasive computing environments under consideration are those in which people and devices are mobile and use various wireless networki ..."

networking technologies to discover and access services and devices in their vicinity. Such pervasive environments lend themselves to policy-basedsecurity due to their extremely dynamic nature. Using policies allows the security functionality to be modified without changing the implementation